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1 AUTHENTICATION PROTOCOL WITH DYNAMIC SECRET 

2 

3 Background of the Invention 

4 Technical Field of the Invention 

5 The present invention relates generally to digital security, and more specifically to an 

6 authentication protocol for use between digital devices which wish to communicate with each other. 

7 

8 Background Art 

9 Authentication is the well-known technology with which a communicating entity verify that 

10 another entity is who it claims to be. hi some instances, the entities may be people, in others they 

1 1 may be, for example, digital devices such as computers, telephones, cash machines, or the like. 

12 Existing authentication protocols use a predetermined secret to authenticate the entity. For 
13^ example, a user is required to provide a password in order to log on to a network such as his internet 
140 service provider (ISP); a user is required to enter his personal identification number (PIN) in order to 
llj withdraw cash fi*om an automated teller machine (ATM); a first computer is required to encrypt a 
ifc message using its private key so a second computer can decrypt that message using the first 

if U computer's pubHc key to prove that only the first computer could have done the initial encryption; a 

IS garage door opener remote control is required to send a unique code so only that remote will open 

ij"; the garage door; automobile remote door openers should have relatively unique values so they only 

2¥i open the correct car's doors; a cell phone sends a unique identifier so the system only charges the 

2r| customer with calls from his own cell phone. 

22 In such protocols, the secret remains static over time, and is therefore increasingly subject to 

23 attack by hackers or the like, who may attempt to determine the secret by brute force methods. In 

24 some cases, they may be able to break the secret a piece at a time, such as by periodically seeing 

25 individual numbers in a bank vault's combination. 

26 It is undesirable that the secret should be compromised. It is fixrther undesirable that, if it is 

27 compromised, the secret should remain valid and usable for an extended period of time. As long as 

28 the compromised secret remains unchanged, unauthorized persons or devices who possess it are free 

29 to use it for their perhaps nefarious purposes. 

30 There are knovm technologies for non-static, or dynamic, secrets. For example, so-called 

3 1 "rolhng code" garage door openers and car door openers periodically change the value of their secret. 

32 In these cases, it is necessary for the other entity - the garage door opener remote control or the 
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1 automobile - to change their copy of the secret, so the two halves remain synchronized. Otherwise, 

2 the devices would suddenly stop working with each other. 

3 It is desirable to provide an authentication protocol with dynamic secret, suitable for use in 

4 more sophisticated digital communications. 
5 

6 Brief Description of the Drawings 

7 The invention will be understood more fully from the detailed description given below and 

8 from the accompanying drawings of embodiments of the invention which, however, should not be 

9 taken to limit the invention to the specific embodiments described, but are for explanation and 

10 understanding only. 

1 1 FIG. 1 illustrates one exemplary embodiment of a system in which this invention may be 
12^. embodied and practiced. 

liy FIG. 2 illustrates a flowchart of one exemplary embodiment of a method for practicing the 

ll3 invention. 

Iff! FIG. 3 illustrates a flowchart of one exemplary embodiment of a method for attempting to 

iSf recover from lost PIN synchronization. 

^1 

l^j Detailed Description 

pr. The invention will be illustrated in terms of an exemplary embodiment in which the two 

i0 communicating entities are a web appliance and an ISP server communicating over the internet. 

21 However, the skilled reader will readily appreciate that the invention is not limited to this particular 

22 embodiment, and that the invention will have apphcability in a wide variety of situations and 

23 technologies. By way of example only, and not as an exhaustive list, such situations and technologies 

24 may include: cellular telephones, instant messaging devices, pagers, ATMs, smartcards, cable set-top 

25 boxes, and other suitable technologies, 

26 FIG. 1 shows one embodiment of a system 5 in which the invention may be practiced, or 

27 which may be constructed according to the invention. The system includes a first device 10 coupled 

28 via a network 12 to a second device 14. The first device may be termed a device to be authenticated 

29 10, and the second device may be termed an authenticating device 14. In the exemplary system to be 

30 discussed, the first device is a web appliance 10 and the second device is an ISP server 14. 
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1 The web appliance includes a communication interface 16 which connects to the network 

2 over a port (not shown). In one embodiment, the communication interface may be a modem for 

3 connecting to the internet 12 over a telephone system (not shown). In other embodiments, the 

4 communication interface may be a digital subscriber line (DSL) interface, or a wireless interface 

5 such as Bluetooth, or an infrared interface, or a satellite interface, or a cable modem, or any other 

6 suitable mechanism. 

7 The web appKance further includes storage 18 for storing the authentication secrets such as a 

8 serial number 20, a PIN 22, and a registration number 24. In various embodiments, the secrets may 

9 be different, and/or may be stored in separate storage. 

10 The web appUance also includes a processor 26 for performing logic operations. In some 

1 1 embodiments, the processor may be a general purpose microprocessor (CPU). Li others, it may be a 
12,,^ digital signal processor (DSP), an analog device, dedicated fixed-purpose circuitry, a hybrid, or other 
1 S suitable mechanism. 

1^ The web appliance includes storage 28 for storing the client side of the authentication 

iM: protocol 30. In some embodiments, this may include software or other instructions which cause the 

l&f processor to perform the method of the invention. 

1,7 The ISP server includes a communication interface 40 of any suitable type for connecting the 

W] ISP server to the network. The ISP server further includes a processor 42 for performing logic 

#: operations. The processor may, as explained above, be any suitable form of processing device. 

The ISP server includes storage 44 for storing the secrets 46a-n of a pluraUty of customers' 

if web appliances. The stored secrets may, in various embodiments, include a serial number 50, a PIN 

22 52, and a registration number 54, for the respective web apphance. 

23 The ISP server further includes storage 60 for storing provisioning data for the various web 

24 appliances, to be downloaded to them when they need updating or re-provisionuig, or upon initial 

25 provisioning. 

26 The ISP server further includes storage 62 for storing the server side of the authentication 

27 protocol. In some embodiments, that may include software or other instructions or the like for 

28 causing the server's processor to perform the method of the invention. These routines may include, 

29 for example, a secret pair validator 64, a PIN vaUdator 66, and an authentication response generator 

30 68. 
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1 FIG. 2 illustrates one exemplary method of the invention. The method begins with the web 

2 appliance sending (102) an authentication request to the ISP server. Typically, this will be upon 

3 dialup or other connection. The server then authenticates the web appliance. 

4 In one embodiment, the following methodology is used for authentication; other 

5 methodologies are usable in conjunction with this invention. The web appliance generates (104) a 

6 hash or other suitable representation of its PIN and registration number, and sends (106) this value to 

7 the server. The server verifies (1 10) that the serial number and registration number are a valid pair by 

8 comparing the values obtained from the client against those stored in the database. If (1 12) the pair is 

9 not valid, the server takes (114) appropriate measures, such as by logging the suspected hacker attack 

10 and terminating the appliance's connection. If the pair are valid, authentication continues, 

1 1 The server also verifies the correct value of the PIN by computing its own hash using the 
12^^^, registration number provided by the web appliance with the server's stored copy of the PIN and 
13I| comparing the result against the hash value received from the web appliance. If the PIN is thus 

14^: determined to be not valid, the system may optionally execute a recovery method (125) (as described 

iM} in FIG. 3). However, if (124) the PIN is vaUd, the server sends (126) an authentication reply to the 

l|:y web appliance, the server advances (128) its copy of that web appliance's PIN, and the web 

if ' appUance advances (130) its copy of the PIN. hi one embodiment, the PIN is a large number stored 

it] as an 80-byte array, and the advancement includes incrementing the PIN by a predetermined number 

ll)^- such as one. Other advancement strategies are certainly within the scope of this invention. For 

2^ example, the PIN could be multiplied, divided, or subtracted by a predetermined value, or some 

2f mathematical ftmction could be applied to it such as a square root, sine, raising to a power, 

22 incrementing by a dynamically calculated value, or any other ftmction, so long as both the server and 

23 the web appliance are capable of performing the substantially identical operation so their respective 

24 copies of the PIN stay adequately synchronized. In some embodiments, it may not be required that 

25 the values remain exactly equal, but in many this will be required. 

26 The server then sends (132) any data that it needs to send to the web appUance or which the 

27 web appliance has requested. In some cases, this may be provisioning data. The web appliance 

28 receives and consumes (134) the data. 

29 After sending the data, the server again advances (136) its copy of the PIN, and sends (138) a 

30 message to the web appliance indicating that the data transfer is complete. In response to receiving 

31 the done message, the web appliance advances (140) its copy of the PIN, and the authentication ends. 
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1 FIG. 3 illustrates one exemplary recovery method that may be used if the two copies of the 

2 PIN get out of synch. The recovery method begins with the web appUance advancing (150) its copy 

3 of the PIN, and sending (1 52) this advanced copy to the server. If (1 54) the server reply indicates that 

4 the PIN is vahd, then operation may continue (1 56) at block 126 of the main method (shown in FIG, 

5 2), If the PIN is still not valid, then the web apphance again advances (158) its copy of the PIN and 

6 sends (160) it to the server. If (162) the server indicates that the PIN is valid this time, operation may 

7 continue (164) at block 126 of the main method. Otherwise, the server may assume that it is under 

8 attack from an unauthorized appliance, and may log the attack and disconnect (166) from the 

9 appliance. 

10 With reference again to FIG. 2, it may be noted that in some embodiments, the 

1 1 once-advanced PINs (at blocks 128 md 130) are not stored into the respective storage areas (18 and 
12^„ 44 in FIG. 1) of the web appliance and the server, but may be maintained as temporary values such 
BO as in memory rather than being written to disk. In such embodiments, the recovery method may be 
14-] slightly altered such that the web apphance double-advances its PIN before sending it to the server, 
l^fj and may only make the one attempt. This will accommodate recovery in the situation where the 
liU server and apphance have made their single advancement of their copies of the PIN, the server has 
17^ sent its data and then re-advanced and stored its PIN, but the connection fails or some other similar 
ik^ error occurs and the apphance does not receive the done message and so does not re-increment nor 
1^- store its PIN, leaving the apphance' s copy two advancements behind the server's copy of the PIN. 
201 The reader will appreciate that there are many variations on this theme which are within the scope of 
21" this invention. 

22 The reader should appreciate that drawings showing methods, and the written descriptions 

23 thereof, should also be understood to illustrate machine-accessible media having recorded, encoded, 

24 or otherwise embodied therein instructions, functions, routines, control codes, firmware, software, or 

25 the like, which, when accessed, read, executed, loaded into, or otherwise utilized by a machine, will 

26 cause the machine to perform the illustrated methods. Such media may include, by way of illustration 

27 only and not limitation: magnetic, optical, magneto-optical, or other storage mechanisms, fixed or 

28 removable discs, drives, tapes, semiconductor memories, organic memories, CD-ROM, CD-R, 

29 CD-RW, DVD-ROM, DVD-R, DVD-RW, Zip, floppy, cassette, reel-to-reel, or the hke. They may 

30 ahematively include down-the-wire, broadcast, or other delivery mechanisms such as Internet, local 

31 area network, wide area network, wireless, cellular, cable, laser, sateUite, microwave, or other 
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1 suitable carrier means, over which the instructions etc. may be dehvered in the form of packets, 

2 serial data, parallel data, or other suitable format. The machine may include, by way of illustration 

3 only and not limitation: microprocessor, embedded controller, PLA, PAL, FPGA, ASIC, computer, 

4 smart card, networking equipment, or any other machine, apparatus, system, or the like which is 

5 adapted to perform functionality defined by such instructions or the like. Such drawings, written 

6 descriptions, and corresponding claims may variously be understood as representing the instructions 

7 etc. taken alone, the instructions etc. as organized in their particular packet/serial/parallel/etc. form, 

8 and/or the instructions etc. together with their storage or carrier media. The reader will further 

9 appreciate that such instructions etc. may be recorded or carried in compressed, encrypted, or 

10 otherwise encoded format without departing firom the scope of this patent, even if the instructions 

1 1 etc. must be decrypted, decompressed, compiled, interpreted, or otherwise manipulated prior to their 

1 2 execution or other utilization by the machine. 

130 Reference in the specification to "an embodiment," "one embodiment," "some 

l|S embodunents," or "other embodiments" means that a particular feature, structure, or characteristic 

1^^ described in connection with the embodiments is included in at least some embodiments, but not 

ill necessarily all embodiments, of the invention. The various appearances "an embodiment," "one 

if ^ embodiment," or "some embodiments" are not necessarily all referring to the same embodiments. 
I p If the specification states a component, feature, structure, or characteristic "may", "might", or 

ifi "could" be included, that particular component, feature, structure, or characteristic is not required to 

M be inchided. If the specification or claim refers to "a" or "an" element, that does not mean there is 

^ only one of the element. If the specification or claims refer to "an additional" element, that does not 

22 preclude there being more than one of the additional element. 

23 Those skilled in the art having the benefit of this disclosure will appreciate that many other 

24 variations firom the foregoing description and drawings may be made within the scope of the present 

25 invention. Indeed, the invention is not limited to the details described above. Rather, it is the 

26 following claims including any amendments thereto that define the scope of the invention. 

27 
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